原是项目里的一段代码,目地是从linux服务器连接java web服务器获取信息,代码部分做了修改用于演示。
python与服务器连接时,用户名和登录密码做了一些加密。
#!/usr/bin/env python
# -*- coding: GBK -*-
# 上面这行很重要,它指出本源码的编码;失去这行,将会导致编码错误。
# python version 3.0+
serviceUrl = '/web_test1/action/test2.jsp'
import base64
import sys
import random
import http.client
import hashlib
def pymain():
'''启动入口'''
OPER_IP = '-IP'
OPER_USER = '-U'
OPER_PASSWD = '-P'
OPER_ACTION = '-A'
OPER_HELP = '-H'
serviceIp = '127.0.0.1'
user = 'root'
passwd = '123456'
action = 'version'
if 1==len(sys.argv) or 5<len(sys.argv):
'''显示帮助'''
help(sys.argv[0])
return
for arg in sys.argv:
if arg.startswith(OPER_HELP):
'''显示帮助'''
help(sys.argv[0])
return
if arg.startswith(OPER_USER):
user = arg[2:20]
continue
if arg.startswith(OPER_PASSWD):
passwd = arg[2:20]
continue
if arg.startswith(OPER_IP):
serviceIp = arg[3:40]
continue
if arg.startswith(OPER_ACTION):
action = arg[2:20]
continue
ed = encrypt(user,passwd)
#print(ed)
print(connectServer(serviceIp, ed, action))
def encrypt(user='',passwd=''):
'''生成混摇码,并对用户名和密码加密'''
rc = randomCode()
euser = rc+user
epasswd = rc+passwd
erc = rc
euser = hashlib.sha1(euser.encode()).hexdigest()
epasswd = hashlib.sha1(epasswd.encode()).hexdigest()
#erc = hashlib.sha1(erc.encode()).hexdigest()
return {'a':euser, 'b':epasswd, 'c':erc}
def randomCode():
'''40位混摇码'''
c = '1abc234567890def'
rc = ''
i = 40
while i>0:
rc += random.choice(c)
i -= 1
return rc
def connectServer(serviceIp,reqArgs,action):
'''连接server'''
res = ''
try:
httpRequest = "%s?a=%s&b=%s&c=%s&action=%s" % (serviceUrl,reqArgs['a'],reqArgs['b'],reqArgs['c'],action)
conn = http.client.HTTPConnection(host=serviceIp)
conn.request("POST", httpRequest)
r1 = conn.getresponse()
if 200 == r1.status:
res = r1.read(1024)
res = repr(res)
else :
res = "connect server fail."
conn.close()
except Exception as e:
res = 'connect server except:%s.' % (e)
return res
def help(name):
'''帮助'''
msg = []
msg.append('命令格式1: %s [-H]' % (name))
msg.append('\t-H:显示帮助信息')
msg.append('\t')
msg.append('命令格式2: %s <-IPserverip> [-Uuser] [-Ppasswd] [-Aaction]' % (name))
msg.append('\t例:%s -IP192.168.1.9:80 -Uroot -P123pwd -Ainfo' % (name))
msg.append('\t-IP:要访问的服务ip')
msg.append('\t-U:登录用户名')
msg.append('\t-P:登录密码')
msg.append('\t-A:操作')
for im in msg:
print(im)
if __name__ == '__main__':
pymain()
java代码:
<%@ page language="java" contentType="text/html; charset=gbk"
pageEncoding="gbk"%>
<%@page import="org.sl.util.Utility" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
<%
String LOGIN_USER = "sa";
String LOGIN_PASSWD = "123456";
String user = request.getParameter("a");
String passwd = request.getParameter("b");
String rc = request.getParameter("c");
String action = request.getParameter("action");
String res = "";
if(Utility.sha1Hex(rc+LOGIN_USER).equals(user)
&& Utility.sha1Hex(rc+LOGIN_PASSWD).equals(passwd) ){
if("version".equals(action)){
res = "1.0";
}else if("info".equals(action)){
res = "test server.";
}else{
res = "?";
}
}else{
res = "login fail.";
}
response.setContentType("text/plain; charset=utf-8");
response.getWriter().write(res);
response.getWriter().close();
%>
</head>
</html>
package org.sl.util;
import java.security.MessageDigest;
public class Utility {
public static String sha1Hex(String src){
final char hexDigits[]={'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
try {
byte[] btInput = src.getBytes();
MessageDigest mdInst = MessageDigest.getInstance("SHA-1");
mdInst.update(btInput);
byte[] md = mdInst.digest();
// 把密文转换成十六进制的字符串形式
int j = md.length;
char str[] = new char[j * 2];
for (int i=0,k=0; i < j; i++) {
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
} catch (Exception e) {
return "";
}
}
}